RSS   Vulnerabilities for 'Magento2'   RSS

2017-03-01
 
CVE-2016-6485

CWE-327
 

 
The __construct function in Framework/Encryption/Crypt.php in Magento 2 uses the PHP rand function to generate a random number for the initialization vector, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by guessing the value.

 

 >>> Vendor: Magento 6 Products
Magento
Magento2
E-commerce
Advanced newsletter
Upward connector
Upward php


Copyright 2021, cxsecurity.com

 

Back to Top